<html><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">
<div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">Thanks for the link.</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><br class="webkit-block-placeholder"></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">The document referenced (Relying Party Security Policy) is definitely important. But at this stage it seems preliminary since it implies only a single protocol scenario. [aside...the ontology links are broken] By this I mean, we need to take that document and further expand on it.</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><br class="webkit-block-placeholder"></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><font face="Helvetica" size="3" style="font: 12.0px Helvetica">The major component of policy referred to in the Relying Party Security Policy document is what I would call relying party web policy. It describes only what information is needed to be transferred and how it is to be transferred (i.e. WS-SecurityPolicy). IGF doesn't conflict with what already exists in WS-SecurityPolicy, but rather adds more context and more information. </font></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; "><br></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; ">IGF answers more of the following issues:</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><font face="Helvetica" size="3" style="font: 12.0px Helvetica">* How do attribute authorities (e.g. Identity Providers) that hold information decide to accept and release information? 
</font></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><font face="Helvetica" size="3" style="font: 12.0px Helvetica">* Consent can raise transactional conditions that must be accounted for. E.g. two partners might agree on how to generally share information enabling a general flow. However, user-consent may indicate special conditions (e.g. suppression or filtering of specific claims, denial of claims, or special conditions such as "do not propagate").</font></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">* Context - there is a greater need in fine-grained authorization to fully define the context under which information is released. This means being able to transmit both the credentials of the application, the end-user involved, and potentially a transaction name and purpose (e.g. legal context).</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><font face="Helvetica" size="3" style="font: 12.0px Helvetica">* From a consuming application perspective (relying party), WS-SecPol describes attributes and how they are to be delivered. It does not document the application's intended use of data. CARML provides additional metadata that gives the Attribute Authority more context to approve the release of information. CARML and WS-SecPol definitely have a relationship and should support each other. 
The nature of that relationship needs to be defined more clearly.</font></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><br></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><font face="Helvetica" size="3" style="font: 12.0px Helvetica"><a href="http://wiki.eclipse.org/Relying_Party_Security_Policy"><font color="#0000eb" style="color: #0000eb"><u>http://wiki.eclipse.org/Relying_Party_Security_Policy</u></font></a> is a good early document and useful for discussion within the Higgins framework and within IGF. It represents the case where IGF is applied in a WS-Fed scenario. I'd be happy to reference this material from the openLiberty site if you like. I think it is important that we support and build on these ideas.</font></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; "><br></div><div> <div>Phil Hunt</div><div>Oracle</div><br class="Apple-interchange-newline"> </div><br><div><div>On 29-Nov-07, at 6:25 PM, Anthony Nadalin wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><p>Here is the general policy language description that drives the enhanced privacy support in Higgins <a href="http://wiki.eclipse.org/Relying_Party_Security_Policy">http://wiki.eclipse.org/Relying_Party_Security_Policy</a>.<br> <br> Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122<br> <br> <font color="#424282">Phil Hunt ---11/28/2007 03:41:08 PM---Tony...what are you referring to exactly?</font><br> <br> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tbody><tr valign="top"><td width="1%"><br> <font size="2" 
color="#5F5F5F">From:</font></td><td width="100%"><br> <font size="2">Phil Hunt <<a href="mailto:phil.hunt@oracle.com">phil.hunt@oracle.com</a>></font></td></tr> <tr valign="top"><td width="1%"><br> <font size="2" color="#5F5F5F">To:</font></td><td width="100%"><br> <font size="2">"Higgins (Trust Framework) Project developer discussions" <<a href="mailto:higgins-dev@eclipse.org">higgins-dev@eclipse.org</a>></font></td></tr> <tr valign="top"><td width="1%"><br> <font size="2" color="#5F5F5F">Cc:</font></td><td width="100%" valign="middle"><br> <font size="2"><a href="mailto:higgins-dev-bounces@eclipse.org">higgins-dev-bounces@eclipse.org</a></font></td></tr> <tr valign="top"><td width="1%"><br> <font size="2" color="#5F5F5F">Date:</font></td><td width="100%"><br> <font size="2">11/28/2007 03:41 PM</font></td></tr> <tr valign="top"><td width="1%"><br> <font size="2" color="#5F5F5F">Subject:</font></td><td width="100%"><br> <font size="2">Re: [higgins-dev] Notes from a teleconf meeting wrt IGF</font></td></tr> </tbody></table> </p><hr width="100%" size="2" align="left" noshade="" style="color:#8091A5; "><br> <br> <br> <font size="4">Tony...what are you referring to exactly?</font><br> <br> <font size="2" face="Arial">Phil Hunt</font><br> <font size="2" face="Arial">Oracle</font><br> <br> <br> <font size="4">On 28-Nov-07, at 1:00 PM, Anthony Nadalin wrote:</font><br> <ul> <ul><font size="4">Not seeing any value with IGF, we already have claims and policy that can express what IGF is supposed to be able to express, so maybe the IGF folks can just pick up what has been done with defining the claims.<br> <br> Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122<br> <br> </font><font size="4" color="#424282">"Jim Sermersheim" 
---11/28/2007 02:45:24 PM---To try and push ahead on fleshing out what it would take to consume Higgins by the IGF, or implement parts of it in Higgins, we</font><font size="4"><br> </font> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tbody><tr valign="top"><td width="23%"><font color="#5F5F5F"><br> From:</font></td><td width="77%"><br> "Jim Sermersheim" <<a href="mailto:jimse@novell.com"><u><font color="#0000FF">jimse@novell.com</font></u></a>></td></tr> <tr valign="top"><td width="23%"><font color="#5F5F5F"><br> To:</font></td><td width="77%"><br> <<a href="mailto:higgins-dev@eclipse.org"><u><font color="#0000FF">higgins-dev@eclipse.org</font></u></a>></td></tr> <tr valign="top"><td width="23%"><font color="#5F5F5F"><br> Date:</font></td><td width="77%"><br> 11/28/2007 02:45 PM</td></tr> <tr valign="top"><td width="23%"><font color="#5F5F5F"><br> Subject:</font></td><td width="77%"><br> [higgins-dev] Notes from a teleconf meeting wrt IGF</td></tr> </tbody></table> <hr width="100%" size="2" align="left" noshade=""><font size="4"><br> <br> <br> To try and push ahead on fleshing out what it would take to consume Higgins by the IGF, or implement parts of it in Higgins, we had a chat on the phone with Phil Hunt. 
Primarily, the call was geared toward sharing descriptions of architecture (understanding how IdAS works and understanding the IGF architecture).</font><font size="5"> </font><font size="4"><br> <br> I put notes here </font><a href="http://wiki.eclipse.org/20071128_IGF_teleconf_notes"><i><u><font size="4" color="#0000FF">http://wiki.eclipse.org/20071128_IGF_teleconf_notes</font></u></i></a><font size="5"> </font><font size="4"><br> which are pointed at from here </font><a href="http://wiki.eclipse.org/IGF_Integration"><i><u><font size="4" color="#0000FF">http://wiki.eclipse.org/IGF_Integration</font></u></i></a><font size="5"> </font><font size="4"><br> which is pointed at from here </font><a href="http://wiki.eclipse.org/Identity_Attribute_Service"><i><u><font size="4" color="#0000FF">http://wiki.eclipse.org/Identity_Attribute_Service</font></u></i></a><font size="5"> </font><p><font size="4"><br> I'll start a new thread (continuing an old one) on Idas API extensibility which was one of the work items that came from the call.</font><font size="5"> </font> </p><p><font size="4"><br> Jim</font><font size="5"> </font><tt><font size="4">_______________________________________________<br> higgins-dev mailing list</font></tt><tt><u><font size="4" color="#0000FF"><br> </font></u></tt><a href="mailto:higgins-dev@eclipse.org"><tt><u><font size="4" color="#0000FF">higgins-dev@eclipse.org</font></u></tt></a><tt><u><font size="4" color="#0000FF"><br> </font></u></tt><a href="https://dev.eclipse.org/mailman/listinfo/higgins-dev"><tt><u><font size="4" color="#0000FF">https://dev.eclipse.org/mailman/listinfo/higgins-dev</font></u></tt></a></p></ul> </ul> </blockquote></div><br></body></html>